W22: bounds-check nextInstr() in YIELD_VALUE pattern-deopt

SonicField · SonicField · commit 28178f42f043 · 2026-04-23T07:37:17.000-07:00
Fixes regression in bffec89 where bci.nextInstr() was called on the final YIELD_VALUE bytecode without bounds-checking, producing a BytecodeInstruction that points past co_code. Reading .opcode() / .oparg() on that invalid instruction SIGSEGVs. Per Python/jit/bytecode.h:57 contract: nextInstrOffset() will go past the end of the instruction stream for the last instruction. Match the existing pattern at builder.cpp:1143 (BCOffset comparison against bc_block.size()) before dereferencing the next instruction. Catch credit: testkeeper 14:34:52Z controlled experiment showed auto-compile of asyncio internals (which contain YIELD_VALUE near end-of-bytecode) SIGSEGV'd at iter 1000 (auto-compile threshold), while pre-bffec89650 binary at the same tree exited cleanly. The dis.dis fixture verification at bffec89 commit-time only exercised small functions where YIELD_VALUE was never the last instruction — real production codepaths exposed the boundary case. Updates the author-attribution comment to use timestamp citations (per supervisor 14:30:40Z discipline correction post medic catch on shepard 14:29:14Z directive).
diff --git a/Python/jit/hir/builder.cpp b/Python/jit/hir/builder.cpp
@@ -4899,7 +4899,8 @@ void HIRBuilder::checkTranslate() {
       banned_name_ids.insert(i);
     }
   }
-  for (auto& bci : BytecodeInstructionBlock{code_}) {
+  BytecodeInstructionBlock bc_block{code_};
+  for (auto& bci : bc_block) {
     auto opcode = bci.opcode();
     int oparg = bci.oparg();
     if (!isSupportedOpcode(opcode)) {
@@ -4938,17 +4939,27 @@ void HIRBuilder::checkTranslate() {
       // 2=after-yield-from, 3=after-await). Refcount-pass-init n_in==0 on
       // the generator-resume bb crashes deopt with 'register not live'
       // assertion (5 architectural fix iterations did not converge cleanly).
-      // Author authority bypass per Alex L3076 + gatekeeper L3076 + theologian
-      // + supervisor concur on (C) pattern-deopt scope. Plain yield (RESUME
-      // oparg==1) and await (RESUME oparg==3) STAY in the JIT — only the
-      // yield-from desugaring pattern falls back to the interpreter.
-      // RULE STANDS for future cases; this is the ONE explicit exception.
-      auto next_bc = bci.nextInstr();
-      if (next_bc.opcode() == RESUME && next_bc.oparg() == 2) {
-        throw std::runtime_error{fmt::format(
-            "Cannot compile {} to HIR because it uses 'yield from' "
-            "(W22 deopt: YIELD_VALUE+RESUME-oparg-2 pattern)",
-            preloader_.fullname())};
+      // Author authority bypass per Alex 14:00:40Z + gatekeeper 13:59:54Z +
+      // theologian 14:15:09Z + supervisor 14:14:50Z concur on (C) pattern-
+      // deopt scope. Plain yield (RESUME oparg==1) and await (RESUME
+      // oparg==3) STAY in the JIT — only the yield-from desugaring pattern
+      // falls back to the interpreter. RULE STANDS for future cases; this
+      // is the ONE explicit exception.
+      //
+      // Bounds check: nextInstrOffset() can go past end of bytecode for the
+      // last instruction (per Python/jit/bytecode.h:57 contract). Guard
+      // before reading the next instruction's opcode/oparg, otherwise
+      // YIELD_VALUE at end-of-bytecode SIGSEGVs reading garbage memory.
+      // (testkeeper 14:34:52Z auto-compile asyncio regression catch.)
+      BCOffset next_off = bci.nextInstrOffset();
+      if (next_off < bc_block.size()) {
+        auto next_bc = bci.nextInstr();
+        if (next_bc.opcode() == RESUME && next_bc.oparg() == 2) {
+          throw std::runtime_error{fmt::format(
+              "Cannot compile {} to HIR because it uses 'yield from' "
+              "(W22 deopt: YIELD_VALUE+RESUME-oparg-2 pattern)",
+              preloader_.fullname())};
+        }
       }
     }
   }
